Submission Details
Severity:
DOS - Some contracts won't be able to receive eth
Summary
Some contracts won't be able to receive eth.
Vulnerability Details
/**
* @dev sends ETH out of the contract. Reentrancy safe, in case we interact with
* malicious contracts.
* @param _amount amount in ETH to send
* @param _to address to send ETH to
*/
function sendETH(uint256 _amount, address _to) external nonReentrant onlyOwner {
(bool success,) = _to.call{value: _amount}("");
require(success, "Transfer Failed");
_setDeadline();
}
Some contracts are not able to receive ETH, it should check if the _to address is a contract or an EOA.
If it's a contract, wrapp the ETH amount and send the Wrapped ETH instead.
Impact
Deny Of Service if _to is a contract that cannot receive ETH.
Tools Used
Manual review, Github.
Recommendations
Check if _to is a contract or an EOA.
If it's a contract, wrapp the ETH amount and send the WETH instead of ETH to ensure the transaction won't ever fail.
Updates
Lead Judging Commences
0xtimefliez 9 months ago
Submission Judgement Published Assigned finding tags:
Missing receive() or fallback() function
Rewards breakdown
nSLOC
211This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.